Bruce Hallas

Marmalade Box

Oz Alashe sits down with author, podcast host, speaker, consultant and trainer Bruce Hallas to discuss placing behaviour and culture at the forefront of cyber security. Join this interview to hear how a combination of data, psychology and design can help create a positive culture of data protection within organisations.

Did you enjoy the interview?

Why not share it with others! Use #PEEPSEC19 TO KEEP THE CONVERSATION GOING

[Sassy_Social_Share title=]

About Bruce

Bruce is the driving force behind the Re-thinking the Human Factor #RHF movement. He is an author, podcast host, speaker, consultant and trainer in the field of security awareness, behaviour and culture.

His journey into information security started with formal training in law, finance and marketing. This made him, for many years, an outsider looking in, to a tech centric industry and approach to security.

To survive he had to innovate and find his own path. He did this by focusing on the human aspects of the challenge starting with risk, governance and compliance and then 6 years ago he kicked off an industry movement to re-think the human factor.

Bruce has now completed 6 years research into Re-thinking the Human Factor which has culminated in the development and launch of the SABCTM (Security Awareness, Behaviour & Culture) Framework in 2016.

His research, vision and experience has attracted the attention of many industry stakeholders including ISC2 and the SANS Institute. He’s a regular speaker and panellist on the human factor where he’s been sharing his disruptive thoughts and uncomfortable truths on education and awareness now for 6 years.

Bruce Hallas

Marmalade Box


  • Why different “professional languages” are so important to security
  • Why awareness should be secondary to behaviour and influence
  • What we can learn from Ancient Greece about security training
  • How good security can help businesses not just survive but propser
  • How the Wright brothers conquering flight should be an inspiration to security teams